Linux Mint OpenConnect VPN DNS issues

I use OpenConnect VPN on my Linux Mint. The VPN connects fine, but my system never got any DNS updates after the VPN connection. I always had to use IP addresses to connect to any machine behind the VPN.

On successful connection, OpenConnect updates your /etc/resolv.conf with new nameservers. However, that was not happening, and /etc/resolv.conf always had the following contents.

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1

The VPN connection runs /etc/vpnc/vpnc-script to update /etc/resolv.conf. After debugging the script, I found that it was not even attempting to update the resolv.conf file. Further analysis showed that all the DNS requests on my system were being routed through Dnsmasq. The Dnsmasq subsystem provides a local DNS server for the network, with forwarding of all query types to upstream recursive DNS servers and caching of common record types. You can confirm that your system is running dnsmasq by running the following command. Try executing this command while the VPN connection is established.

$ netstat -anp | grep -i dnsmasq

If your system is running dnsmasq, then run the following command to get information about dnsmasq.

$ ps -ef | grep -i dnsmasq

Running the above command on my machine gave me the following output.

nobody 23360 961 0 10:33 ? 00:00:00 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/run/sendsigs.omit.d/network-manager.dnsmasq.pid --listen-address=127.0.1.1 --conf-file=/var/run/NetworkManager/dnsmasq.conf --cache-size=0 --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d

Notice the --conf-dir=/etc/NetworkManager/dnsmasq.d in the above command output. This is the directory from which dnsmasq loads its configuration files. Now create a dnsmasq.conf inside this directory and add the following entries to it.

#Add entry with .domain and nameserver for forwarding the dns requests for that domain
server=/.mydomain.com/10.1.1.11
server=/.my-domain.com/10.1.1.11

I could not figure out a way to reload the above config for dnsmasq, so I had to restart my machine. After the restart, I reconnected OpenConnect, and now DNS was resolving fine.
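
The two steps above as shell functions (an added example, not from the original post; the function names are hypothetical): one extracts the --conf-dir value from a dnsmasq command line as printed by ps, the other generates the server= entries and rejects values that would slip extra directives into the file. The sample command line is a shortened copy of the ps output shown above.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Shortened copy of the dnsmasq command line from the ps output in the post.
SAMPLE_PS='/usr/sbin/dnsmasq --no-resolv --keep-in-foreground --listen-address=127.0.1.1 --conf-dir=/etc/NetworkManager/dnsmasq.d'

# Print the directory given by --conf-dir in a dnsmasq command line.
# dnsmasq also accepts --conf-dir=<dir>,<ext>...; only <dir> is printed.
# The body runs in a subshell so that "set -f" (no globbing) stays local.
dnsmasq_conf_dir() (
    set -f
    for arg in $1; do
        case "$arg" in
            --conf-dir=*)
                dir=${arg#--conf-dir=}
                printf '%s\n' "${dir%%,*}"
                exit 0 ;;
        esac
    done
    exit 1
)

# Emit one "server=/<domain>/<nameserver>" line per domain.
# The nameserver must be four dot-separated digit groups and each domain may
# contain only letters, digits, dots and hyphens, so whitespace, slashes or
# newlines in the input cannot add further directives to the config file.
render_split_dns() {
    ns=$1; shift
    case "$ns" in
        *[!0-9.]*|*.*.*.*.*|*..*|.*|*.) echo "bad nameserver: $ns" >&2; return 1 ;;
        *.*.*.*) ;;
        *) echo "bad nameserver: $ns" >&2; return 1 ;;
    esac
    for d in "$@"; do
        case "$d" in
            ''|*[!A-Za-z0-9.-]*) echo "bad domain: $d" >&2; return 1 ;;
        esac
    done
    for d in "$@"; do
        printf 'server=/%s/%s\n' "$d" "$ns"
    done
}

# Demo: show the target file and the entries, without writing anything.
echo "# entries for $(dnsmasq_conf_dir "$SAMPLE_PS")/dnsmasq.conf"
render_split_dns 10.1.1.11 .mydomain.com .my-domain.com
```

dnsmasq reads the files in its conf-dir only at startup, so the dnsmasq process has to be restarted before new entries take effect.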


2 thoughts on “Linux Mint OpenConnect VPN DNS issues”

  1. Thanks for writing this awesome article. I’ve been reading your blog for a long time already but I was never compelled to leave a comment. I saved your blog in my rss feed and shared it on my Facebook. I will come back for sure to check your future posts!
